usr/src/cmd/ipf/lib/common/ipft_sn.c

   1 /*
   2  * Copyright (C) 1993-2001 by Darren Reed.
   3  *
   4  * See the IPFILTER.LICENCE file for details on licencing.
   5  *
   6  * $Id: ipft_sn.c,v 1.7 2003/02/16 02:32:36 darrenr Exp $
   7  */
   8
   9 /*
  10  * Written to comply with the recent RFC 1761 from Sun.
  11  */
  12 #include "ipf.h"
  13 #include "snoop.h"
  14 #include "ipt.h"
  15
  16 static const char rcsid[] = "@(#)$Id: ipft_sn.c,v 1.7 2003/02/16 02:32:36 darrenr Exp $";
  17
  18 struct  llc     {
  19         int     lc_sz;  /* LLC header length */
  20         int     lc_to;  /* LLC Type offset */
  21         int     lc_tl;  /* LLC Type length */
  22 };
  23
  24 /*
  25  * While many of these maybe the same, some do have different header formats
  26  * which make this useful.
  27  */
  28 static  struct  llc     llcs[SDL_MAX+1] = {
  29         { 0, 0, 0 },    /* SDL_8023 */
  30         { 0, 0, 0 },    /* SDL_8024 */
  31         { 0, 0, 0 },    /* SDL_8025 */
  32         { 0, 0, 0 },    /* SDL_8026 */
  33         { 14, 12, 2 },  /* SDL_ETHER */
  34         { 0, 0, 0 },    /* SDL_HDLC */
  35         { 0, 0, 0 },    /* SDL_CHSYNC */
  36         { 0, 0, 0 },    /* SDL_IBMCC */
  37         { 0, 0, 0 },    /* SDL_FDDI */
  38         { 0, 0, 0 },    /* SDL_OTHER */
  39 };
  40
  41 static  int     snoop_open __P((char *));
  42 static  int     snoop_close __P((void));
  43 static  int     snoop_readip __P((char *, int, char **, int *));
  44
  45 static  int     sfd = -1, s_type = -1;
  46 static  int     snoop_read_rec __P((struct snooppkt *));
  47
  48 struct  ipread  snoop = { snoop_open, snoop_close, snoop_readip, 0 };
  49
  50
  51 static  int     snoop_open(fname)
  52 char    *fname;
  53 {
  54         struct  snoophdr sh;
  55         int     fd;
  56         int s_v;
  57
  58         if (sfd != -1)
  59                 return sfd;
  60
  61         if (!strcmp(fname, "-"))
  62                 fd = 0;
  63         else if ((fd = open(fname, O_RDONLY)) == -1)
  64                 return -1;
  65
  66         if (read(fd, (char *)&sh, sizeof(sh)) != sizeof(sh))
  67                 return -2;
  68
  69         s_v = (int)ntohl(sh.s_v);
  70         s_type = (int)ntohl(sh.s_type);
  71
  72         if (s_v != SNOOP_VERSION ||
  73             s_type < 0 || s_type > SDL_MAX) {
  74                 (void) close(fd);
  75                 return -2;
  76         }
  77
  78         sfd = fd;
  79         printf("opened snoop file %s:\n", fname);
  80         printf("\tid: %8.8s version: %d type: %d\n", sh.s_id, s_v, s_type);
  81
  82         return fd;
  83 }
  84
  85
  86 static  int     snoop_close()
  87 {
  88         return close(sfd);
  89 }
  90
  91
  92 /*
  93  * read in the header (and validate) which should be the first record
  94  * in a snoop file.
  95  */
  96 static  int     snoop_read_rec(rec)
  97 struct  snooppkt *rec;
  98 {
  99         int     n, plen, ilen;
 100
 101         if (read(sfd, (char *)rec, sizeof(*rec)) != sizeof(*rec))
 102                 return -2;
 103
 104         ilen = (int)ntohl(rec->sp_ilen);
 105         plen = (int)ntohl(rec->sp_plen);
 106         if (ilen > plen || plen < sizeof(*rec))
 107                 return -2;
 108
 109         plen -= sizeof(*rec);
 110         n = MIN(plen, ilen);
 111         if (!n || n < 0)
 112                 return -3;
 113
 114         return plen;
 115 }
 116
 117
 118 #ifdef  notyet
 119 /*
 120  * read an entire snoop packet record.  only the data part is copied into
 121  * the available buffer, with the number of bytes copied returned.
 122  */
 123 static  int     snoop_read(buf, cnt)
 124 char    *buf;
 125 int     cnt;
 126 {
 127         struct  snooppkt rec;
 128         static  char    *bufp = NULL;
 129         int     i, n;
 130
 131         if ((i = snoop_read_rec(&rec)) <= 0)
 132                 return i;
 133
 134         if (!bufp)
 135                 bufp = malloc(i);
 136         else
 137                 bufp = realloc(bufp, i);
 138
 139         if (read(sfd, bufp, i) != i)
 140                 return -2;
 141
 142         n = MIN(i, cnt);
 143         bcopy(bufp, buf, n);
 144         return n;
 145 }
 146 #endif
 147
 148
 149 /*
 150  * return only an IP packet read into buf
 151  */
 152 static  int     snoop_readip(buf, cnt, ifn, dir)
 153 char    *buf, **ifn;
 154 int     cnt, *dir;
 155 {
 156         static  char    *bufp = NULL;
 157         struct  snooppkt rec;
 158         struct  llc     *l;
 159         char    ty[4], *s;
 160         int     i, n;
 161
 162         do {
 163                 if ((i = snoop_read_rec(&rec)) <= 0)
 164                         return i;
 165
 166                 if (!bufp)
 167                         bufp = malloc(i);
 168                 else
 169                         bufp = realloc(bufp, i);
 170                 s = bufp;
 171
 172                 if (read(sfd, s, i) != i)
 173                         return -2;
 174
 175                 l = &llcs[s_type];
 176                 i -= l->lc_to;
 177                 s += l->lc_to;
 178                 /*
 179                  * XXX - bogus assumption here on the part of the time field
 180                  * that it won't be greater than 4 bytes and the 1st two will
 181                  * have the values 8 and 0 for IP.  Should be a table of
 182                  * these too somewhere.  Really only works for SDL_ETHER.
 183                  */
 184                 bcopy(s, ty, l->lc_tl);
 185         } while (ty[0] != 0x8 && ty[1] != 0);
 186
 187         i -= l->lc_tl;
 188         s += l->lc_tl;
 189         n = MIN(i, cnt);
 190         bcopy(s, buf, n);
 191
 192         return n;
 193 }